Martin Montes

Hey there @Jancis ! Thanks for reporting! 100% I think downscaling should be a must-have feature. It should be fairly easy to achieve by removing this unfortunate default: https://github.com/mariadb-operator/mariadb-operator/blob/d679c20bc64cf099353fbcd063edf51960c9b35a/api/v1alpha1/maxscale_types.go#L448 Contributions...

Building the image is not sufficient, as the defaulting part that is messing the downscaling is in the CRDs, which are installed via helm. I think the steps to allow...

Hey @grooverdan ! > I was contemplating making MARIADB_MYSQL_LOCALHOST_USER create a [email protected]/ mysql@::1 user as well. What are the security consequences of that? One could be that sidecar containers might...

> I wonder if the operator could temporarily pause the liveness/health probes while recovery is ongoing? The agent container that controls the `/health` endpoint does return 200 OK during recovery:...

Hey @Wouter0100 ! Thanks for reporting this, I think this is a quite interesting feature, it could potentially save costs in infrastructure and provide more resiliency to the MariaDB cluster....

That could be an option @Wouter0100 ! This new `Arbitrator` resource would be reconciled intro another `StatefulSet` that is part of the MariaDB cluster. We will consider this when we...

Hey @wasd171 ! Thanks for bringing this up 🙏🏻 Indeed, providing TLS secrets is something we don't directly support, but it can be achieved by mounting an extra volume and...

Hey @wasd171 ! > I am not sure whether the certificateRef field is really needed – in the end the Certificate would anyway point to a Secret, so just having...

Hey @wasd171 ! That's a good point, we could levarage [crypto/x509](https://pkg.go.dev/crypto/x509) to issue a self-signed certificate. I would argue that this is not the best practice for production but definetly...

Besides, `cert-manager` also supports setting up a self-signed issuer: - https://cert-manager.io/docs/configuration/selfsigned/